bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby David A. Harding

Posted on: October 23, 2023 08:49 UTC

The email discusses a problem related to the replacement cycle in Bitcoin transactions.

The sender, Nadav Ivgi, disagrees with a description provided by Riard and proposes an alternative approach. In Riard's scenario, Bob broadcasts an HTLC-timeout transaction which is then replaced by Mallory with an HTLC-preimage transaction. Mallory further replaces the transaction that created input C, removing the HTLC-preimage from the mempool.

However, according to Nadav, an alternative approach can be taken. In this approach, Bob still broadcasts an HTLC-timeout transaction, which Mallory again replaces with an HTLC-preimage transaction. But instead of removing the preimage from the mempool by replacing the transaction that created input C, Mallory uses input C to replace the HTLC-preimage with a transaction that does not include input A. This effectively removes the preimage from the mempool.

Nadav points out that the original scenario requires input C to come from an unconfirmed transaction, making the use of OP_CSV_ALLINPUTS effective. However, in the alternative scenario, input C can come from a confirmed transaction, rendering OP_CSV_ALLINPUTS ineffective.

The email does not provide any links or additional context.

  • Dave